Understand background information found in the introduction of the Red Book

85% GRC Capability Model Details

Understand key management actions and controls

Understand design and implementation considerations

Learn – 20%, Align – 30%, Perform – 30%, Review – 5%

How difficult is the GRCP exam?

Most people who pass the exam report that they carefully studied the GRC Capability Model and completed the GRC Fundamentals course.

Those who fail tend to pass on a subsequent attempt so long as they study and complete the GRC Fundamentals videos.

In other words ... STUDY and WATCH the videos if you want to pass the exam.

How long does it take to prepare?

Preparation time varies based on your experience.

People who pass the exam report anywhere from 2 hours to 40 hours of preparation before the the exam. This wide range seems to be explained by the differences in background.

If you are more experienced in governance, risk, audit, compliance, ethics or IT, then less time may be required to prepare vs. someone who is new to GRC.

How long does the exam itself take?

You have 2 hours to complete the exam. Most people use the entire 2 hours.

Is the exam open book?

YES! The GRCP Exam is open book which means that you may use Google and other resources while taking the exam. However, don't be fooled! The exam is challenging even with the help of these resources.

The process and exam should reflect modern reality. You use Google and online resources every day in your job. You should be able to use these resources to learn. You should even be able to use these resources when you take the exam.

What score do I need to pass the exam?

You must correctly answer 70% of the 100 questions to pass the exam.

When do I find out if I passed the exam?

You get your result immediately after taking the exam. If you pass, then your certificate is immediately available for printing.

You may also order a physical certificate that is signed by OCEG Chairman and framed.

What happens if I fail the first time? Second time?

You may retake the exam as many times as required to eventually pass the exam.

We believe that Certification should be part of the learning process and help reinforce understanding and not just be a point in time proof of memorized knowledge.

Our database of questions is extensive and so it is unlikely that you will see the same questions each time that you attempt the exam. In other words, BE FULLY PREPARED each time that you attempt the exam.

You may retake the exam as many times as required to pass the exam. This is all about LEARNING, not TESTING

Do I need to "re-certify" every year?

NO! You only need to pass the exam once.

We use continuing education requirements to ensure that you stay current with new developments in GRC. You can review the other requirements to maintain your GRCP certification.

How was the GRCP exam developed?

The GRCP topics and questions were determined by conducting an extensive job analysis of over 500 GRC Professionals in June 2010.

Participants in the job analysis were asked to analyze over 200 skills and determine their significance to a GRC professional, executive or auditor.

The job analysis and other research yielded a competency model that serves as a blueprint for the GRCP.

We update the GRC Capability model and GRC Professional Exam to reflect important changes in the marketplace.